package cs633.action;


import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.PreparedStatement;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.struts2.interceptor.ServletRequestAware;

import com.opensymphony.xwork2.ActionSupport;

import cs633.util.DBManager;

public class LoginAction extends ActionSupport implements ServletRequestAware {
	private static final long serialVersionUID = -10717800338825506L;
	private HttpServletRequest request;
	private String result;
	private String url;
	
	public String getUrl() {
		return url;
	}

	public void setUrl(String url) {
		this.url = url;
	}

	public String getResult() {
		return result;
	}

	public void setResult(String result) {
		this.result = result;
	}


	public String login() {
		HttpSession session = request.getSession(true);
		Connection con = null;
		String userID = request.getParameter("username");
		String userPasswd = request.getParameter("password");
		String userType = null;
		String userSeq = null;
		String first = null;
		String last = null;
		
		try {
			con = DBManager.getInstance().getConn();
			String sql = "SELECT * FROM cs633.user WHERE USER_ID = ? AND USER_PASSWD = ?";
			PreparedStatement pstmt = con.prepareStatement(sql);
			pstmt.setString(1, userID);
			pstmt.setString(2, userPasswd);			
			
			ResultSet rs = pstmt.executeQuery();

			while (rs.next()) {
				first = rs.getString("USER_FIRST_NAME");
				last = rs.getString("USER_LAST_NAME");
				userType = rs.getString("USER_TYPE");
				userSeq = rs.getString("USER_SEQ_ID");
			}

			if (userType != null) {
				session.setAttribute("userID", userID);
				session.setAttribute("userSeq", userSeq);
				setResult("SUCCESS");

				if (userType.equals("A"))
					setUrl("admin.jsp");
				else
					setUrl("main.jsp");
			} else {
				setResult("FAILED");
			}
			
		} catch (Exception e) {
			System.out.println("Error: " + e.getMessage());
		} finally {
			try {
				con.close();
			} catch (Exception e) {
				
			}
		}
		
		return SUCCESS;
		
	}

	public String newMember() {
		String firstName = request.getParameter("newMember-firstname");
		String lastName = request.getParameter("newMember-lastname");
		String userID = request.getParameter("newMember-userid");
		String email = request.getParameter("newMember-email");
		String userPasswd = request.getParameter("newMember-password");	
		try {
			Connection con = DBManager.getInstance().getConn();
			String sql = "INSERT INTO cs633.user(`USER_ID`, `USER_FIRST_NAME`, `USER_LAST_NAME`, `USER_EMAIL`, `USER_PASSWD`) VALUES (?, ?, ?, ?, ?)";
			PreparedStatement pstmt = con.prepareStatement(sql);
			pstmt.setString(1, userID);
			pstmt.setString(2, firstName);
			pstmt.setString(3, lastName);
			pstmt.setString(4, email);
			pstmt.setString(5, userPasswd);
			
			int count = pstmt.executeUpdate();			
			con.close();
			if (count == 1) {
				setResult("SUCCESS");
			} else {
				setResult("FAILED");
			}
			
		} catch (Exception e) {
			System.out.println("Error: " + e.getMessage());
		}			
		return SUCCESS;
	}
	@Override
	public void setServletRequest(HttpServletRequest request) {
		this.request = request;		
	}

}
